带有来宾和身份验证中间件的 Nuxt 身份验证在刷新时将经过身份验证的用户重定向到错误的页面
[英]Nuxt auth with a guest and auth middleware redirects an authenticated user on refresh to the wrong page
问题描述
I am creating an app with Nuxt using nuxt and nuxt-auth to handle the authentication.
我正在使用 nuxt 和 nuxt-auth 创建一个带有 Nuxt 的应用程序来处理身份验证。
I am wanting to have two middlewares for auth - auth and guest.我想要两个用于身份验证的中间件 - 身份验证和来宾。 An auth user should not be able to access the login page ('/') and will get redirected to the dashboard, but can access everywhere else. auth 用户应该无法访问登录页面 ('/') 并且将被重定向到仪表板,但可以访问其他任何地方。 A guest user shouldn't be able to access any page except the login page and will redirected to the login page on any attempts.访客用户不应该能够访问除登录页面之外的任何页面,并且在任何尝试时都将重定向到登录页面。
Currently everything is working fine with regards to the authentication and logging in. However when an authenticated user clicks a link to '/' OR refreshes the page they get sent to the login page and have 'guest' privilages again even though they are still set to 'loggedIn' in the vuex store.目前,关于身份验证和登录,一切正常。但是,当经过身份验证的用户单击“/”链接或刷新页面时,他们会被发送到登录页面并再次拥有“访客”权限,即使它们仍然设置在 vuex 商店中“登录”。 It looks like when the SSR kicks in the auth store isn't available on the server so it redirects the user to the login page and then thats when everything gets messed up, however that is a guess.看起来当 SSR 启动身份验证存储时,服务器上不可用,因此它会将用户重定向到登录页面,然后一切都变得一团糟,但这只是猜测。
Below is some code:下面是一些代码:
// layout/default <- used for the login page // 布局/默认 <- 用于登录页面
export default {
middleware: 'guest'
}
// layout/dashboard <- used for all authenticated user only pages // 布局/仪表板 <- 仅用于所有经过身份验证的用户页面
export default {
middleware: 'auth'
}
// middleware/guest.js // 中间件/guest.js
export default function (ctx) {
if (ctx.app.$auth.$state.loggedIn) {
return ctx.app.$auth.redirect('home')
}
}
The other auth middleware is created with 'nuxt-auth' the nuxt.config.js file has the following settings:另一个 auth 中间件是使用“nuxt-auth”创建的,nuxt.config.js 文件具有以下设置:
auth: {
localStorage: false,
cookie: {
options: {
secure: true
}
},
redirect: {
login: '/',
logout: '/',
callback: '/api/auth/callback',
home: '/dashboard'
}
},
1 个解决方案
解决方案1
1 已采纳 2019-03-11 13:13:13
I think I have it solved.我想我已经解决了。 The issue did seem to be with the server side rendering the page as it didn't have access to auth cookie so I've made another middleware which gets applied to the whole site to check auth which does the following:问题似乎与服务器端呈现页面有关,因为它无法访问 auth cookie,因此我制作了另一个中间件,该中间件应用于整个站点以检查执行以下操作的 auth:
// Check auth // 验证身份
export default function (context) {
context.store.dispatch('auth/initAuth', context.req)
}
Then in the Vuex store we check if we are process.server and retrieve the JWT from the cookie header.然后在 Vuex 商店中,我们检查我们是否是 process.server 并从 cookie 标头中检索 JWT。 Then we set the auth store with the user before the auth and guest middlewares are being ran.然后我们在运行 auth 和来宾中间件之前为用户设置 auth 存储。
I just need to ping the API to check the JWT is valid and then that should be it.我只需要 ping API 来检查 JWT 是否有效,然后就可以了。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.